Skip to main content

Featured Post

AMD to invest $400 million in India by 2028: Here’s what we know

US chipmaker Advanced Micro Devices said on Friday it will invest around $400 million in India over the next five years and will build its largest design center in the tech hub of Bengaluru. AMD’s announcement was made by its Chief Technology Officer Mark Papermaster at an annual semiconductor conference that started Friday in Prime Minister Narendra Modi’s home state of Gujarat. Other speakers at the flagship event include Foxconn Chairman Young Liu and Micron CEO Sanjay Mehrotra. Despite being a late entrant, the Modi government has been courting investments into India’s nascent chip sector to establish its credentials as a chipmaking hub. AMD said it will open its new design centre campus in Bengaluru by end of this year and create 3,000 new engineering roles within five years. “Our India teams will continue to play a pivotal role in delivering the high-performance and adaptive solutions that support AMD customers worldwide,” Papermaster said. The new 500,000-square-foot (55,5...
1 comment
Read more
Labels

Safari 15 bug can leak your Google account info, recent browsing history

A bug in Safari 15 can reveal your recent web browsing history and some of the information attached to your logged-in Google account. The vulnerability lies in Apple’s implementation of IndexedDB, which is an application programming interface (API) that stores data on your browser, on macOS and iOS.

According to findings from FingerprintJS, IndexedDB follows the same-origin policy that restricts how documents on one origin can interact with resources from other origins. Indexed databases are associated with a specific origin. “Documents or scripts associated with different origins should never have the possibility to interact with databases associated with other origins,” the blog says. Simply said, ideally, a website that generates an indexed database should be the only one to access it. For instance, if you have opened a social media account in one tab of the web browser and a malicious website on the other, the IndexedDB API should prevent the malicious website from looking into the data of your social media account.

However, in the case of Safari 15, the IndexedDB API is violating this same-origin policy in Safari 15 on macOS, and in all browsers on iOS and iPadOS 15. FingerprintJS notes that every time a website interacts with a database, a new and empty “database with the same name is created in all other active frames, tabs, and windows within the same browser session.”

This could lead other websites, even the potentially malicious ones to see the name of other databases on other sites. This indeed could give them specific details, which would help them in identifying specific users.

Furthermore, FingerprintJS says that platforms such as YouTube, Google Calendar, or Google Keep create databases that include the Google User ID. And in case a user is logged into multiple accounts, databases are created for all these accounts. Now, Google uses this Google ID to collect publicly available information associated with an account.

Safari 15’s vulnerability can allow malicious websites to access all of this information, without the user taking any action. “Not only does this imply that untrusted or malicious websites can learn a user’s identity, but it also allows the linking together of multiple separate accounts used by the same user,” the site says. What’s even worse is that this vulnerability also affects the private mode in Safari 15.

So how can you safeguard yourself?

Unfortunately, there isn’t much you can do about this vulnerability as Apple is yet to release a security patch for it. The only alternative that users can try is temporarily switching to a different browser.

The post Safari 15 bug can leak your Google account info, recent browsing history appeared first on BGR India.



from BGR India https://ift.tt/34MY8FS
via IFTTT
Email Post
Labels:

Comments

Post a Comment

add